{"ip":"185.201.161.131","exported_at":"2026-07-18T22:57:49+00:00","period_days":30,"metrics":{"events7d":0,"distinct_ports":0,"distinct_classifications":0,"max_severity":null,"last_sensor_id":"paris-1","max_waf_score":null,"max_risk_score":53,"attack_stage":"exploit_attempt","attack_chain_stage":"exploitation","threat_family":["unknown"],"recommended_action":"monitor","confidence":0.59,"risk_breakdown":{"waf":8,"classification":68,"behavior":0,"geo":0,"protocol":40,"novelty":25},"mitre_tactics":["TA0001","TA0002"],"mitre_technique":"TA0001","top_mitre_technique":"TA0001","top_mitre_count":5,"executive_one_liner_fr":"Activit\u00e9 suspecte \u2014 risque 47\/100 (Moyen) \u2014 MITRE TA0001 \u2014 confiance 59 % \u2014 via NEO4J BOLT","campaign_hint_fr":null,"confidence_breakdown":{"waf":8,"classification":68,"behavior":0,"geo":0,"protocol":40,"novelty":25,"risk_score":47},"persona_hostname":"mail.sensor-1.internal","correlation_flags":[],"correlation_flags_labels_fr":[],"confidence_pct":59,"confidence_hint_fr":null,"sensor_role_label_fr":"Renseignement menaces","tags_summary_labels_fr":["pat-0284"],"tags_summary":["pat-0284"],"attack_vector":"xss attack \u00b7 via NEO4J BOLT:7687 \u00b7 (tentative d\u0027exploit)","protocol_details":{"payload_preview":"GET \/db\/neo4j\/cluster\/overview HTTP\/1.1\r\nHost: 62.3.50.33:7687\r\nUser-Agent: Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKi","port":7687,"service":"neo4j-bolt","service_label_fr":"NEO4J BOLT"},"protocol_summary_fr":"Payload GET \/db\/neo4j\/cluster\/overview HTTP\/1.1\r\nHost: 62.3.50.33:7687\r\u2026 \u00b7 NEO4J BOLT:7687","evidence_snippet":"GET \/db\/neo4j\/cluster\/overview HTTP\/1.1\r\nHost: 62.3.50.33:7687\r\nUser-Agent: Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKi","target_port_label":"7687 \u00b7 NEO4J BOLT","emulator_service":"neo4j-bolt","confidence_reason":"Confiance 59 % \u2014 Motif catalogue confirm\u00e9","classification_reason":"Type \u00ab xss_attack \u00bb (signaux protocolaires) \u00b7 confiance 59%","classification_reason_label_fr":"Type \u00ab xss_attack \u00bb (signaux protocolaires) \u00b7 confiance 59%","confidence_factors_fr":"Confiance 59 % \u2014 Score WAF 8","payload_preview":"GET \/db\/neo4j\/cluster\/overview HTTP\/1.1\r\nHost: 62.3.50.33:7687\r\nUser-Agent: Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKi"},"events":[],"total_events":0}